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EXAMINER'S AMENDMENT 

An examiner's amendment to the record appears below. Should the changes and/or 
additions be unacceptable to applicant, an amendment may be filed as provided by 37 CFR 
1.312. To ensure consideration of such an amendment, it MUST be submitted no later than the 
payment of the issue fee. 

Original authorization for this examiner's amendment was given in a telephone interview 
with William W. Schaal, Reg. No. 39,018 on 9/07/2004, with this subsequent examiner 
amendment for the sole purpose of consistent renumbering. 

1. . Replace claims 5,7-10,12,13,17-20,23,26,28-30,33 with as new numbered claims 1-17: 

L Embodied in a memory component, a digitally signed image comprising: 

a post-relocation image being a result formed by alteration of a pre-relocation image of a 
software module upon loading of the image into the memory component; 

information to convert the pre-relocation image to the post-relocation image, the 
information includes offsets for addressing routines within the software module and the offsets 
are generated after the software module is compiled and placed into an executable format; and 

a digital signature based on the pre-relocation image, the digital signature is a hash value 
of the pre-relocation image digitally signed by a private key of a selected signatory. 

2. Embodied in a memory component, a digitally signed image comprising: 
a Bound & Relocated Import Table (BRIT); 
an import table; 
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an export table including a plurality of entries forming a listing of segments of 
information contained in the image, a selected entry of the plurality of entries includes an 
identifier of a segment of information associated with the segments of information, the selected 
entry further includes a second offset being an offset from a starting address of the digitally 
signed image to an address location of the segment of information; 

an image of a software module; and 

a digital signature based on the import table, the export table and the image. 

3. The digitally signed image of claim 2, wherein the import table comprises a 
plurality of entries, each entry includes an identifier that indicates what segment of information 
contained in another digitally signed image is required by the image. 

4. The digitally signed image of claim 3, wherein the identifier includes a unique 
sequence of byte values. 

5. The digitally signed image of claim 3, wherein the identifier includes a unique 
sequence of alphanumeric characters. 

6. The digitally signed image of claim 3, wherein each entry of the import table 
further includes an offset to a corresponding entry of the BRIT. 



7. A method comprising: 
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reconverting a post-relocation image of a digitally signed image back to a pre-relocation 
image, the pre-relocation image being an image of a software module prior to relocation where 
an address with the digitally signed image is changed; 

conducting a one-way hash operation on the reconverted, pre-relocation image to produce 
a reconverted hash value; 

recovering a hash value from a digital signature contained in the digitally signed image, 
the hash value is based on the pre-relocation image of the software module; 

comparing the hash value to the reconverted hash value; 

determining that an integrity of the post-relocation image remains intact if the hash value 
matches the reconverted hash value; and 

determining that the post-relocation image has been modified beyond any modification 
caused by relocation when the hash value fails to match the reconverted hash value. 

8. A method for generating a Bound & Relocated Import Table (BRIT) within an 
electronic device, comprising: (a) locating an import table for a first digitally signed image 
loaded within the electronic device, each entry of the import table including an identifier and a 
first offset; (b) accessing an identifier within a selected entry of the first digitally signed image; 
(c) determining whether the identifier matches an identifier within an export table of a second 
digitally signed image loaded within the electronic device, the identifier for the export table is 
stored with a corresponding second offset; and (d) upon determining that the identifier within the 
selected entry matches the identifier within the export table, producing an address by combining 
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the second offset with a starting address of the second digitally signed image, and loading the 
identifier within the selected entry and the address into an entry of the BRIT. 

9. The method of claim 8 further comprising: repeating the operations of (a)-(d) for 
each remaining entry of the import table for loading resultant address and identifier pairs into 
different entries of the BRIT. 

10. The method of claim 8, wherein the; producing of the address by combining the 
second offset with the starting address of the second digitally signed image comprises an 
arithmetic operation. 

1 1 . The method of claim 8, wherein prior to locating an import table for the first 
digitally signed image, the method further comprises locating a plurality of digitally signed 
images loaded within the electronic device. 

12. A method comprising: 

verifying an integrity of a plurality of digitally signed images loaded in an electronic 
device, the plurality of digitally signed images includes a first digitally signed image and a 
second digitally signed image by 

performing a hash operation on an import table, an export table and an image of 

the first digitally signed image to produce a first resultant hash value; 
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recovering a first hash value from a digital signature contained in the first 
digitally signed image, 

comparing the first hash value with the first resultant hash value, 
performing a hash operation on the import table, the export table and an image of 
the second digitally signed image to produce a second resultant hash value; 

recovering a second hash value from a digital signature contained in the second 
digitally signed image, and 

comparing the second hash value with the second resultant hash value; 
determining whether an identifier in an import table of the first digitally signed image 
matches an identifier in the export table of the second digitally signed image; and 

determining whether an entry of a Bound & Relocated Import Table (BRIT) 
corresponding to the identifier in the import table points to an address defined by the identifier in 
the export table. 

13. An electronic device comprising: 
a processor; and 

a non-volatile memory component in communication with the processor, the non-volatile 
memory component includes including 

a post-relocation image being an image of a software module altered during 
relocation in which an address associated with the image is adjusted before loading the 
post-relocation image into the memory component, 
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information to convert the image into the post-relocation image, the information 
placed within the non-volatile memory component includes an offset from a starting 
address of the image of the software module, and 

a digital signature based on the image of the software module. 

14. An electronic device comprising: 
a processor; and 

a memory in communication with the processor, the memory being loaded with a Bound 
& Relocated Import Table (BRIT), an import table, an export table, an image of a software 
module, and a digital signature based on the import table, the export table and the image, the 
export table includes a plurality of entries forming a listing of segments of information contained 
in the image, a selected entry of the plurality of entries includes an identifier of a segment of 
information associated with the segments of information, the selected entry further includes a 
second offset being an offset from a starting address of the digitally signed image to an address 
location of the segment of information. 

15. The electronic device of claim 14, wherein the import table loaded within the 
memory comprises a plurality of entries, each entry includes an identifier that indicates what 
segment of information contained in another digitally signed image is required by the image. 

16. The electronic device of claim 15, wherein the identifier associated with a 
particular entry include a unique sequence of byte values. 
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17. Embodied in a processor readable medium for execution by a processor, a 
software program comprising 

a first software module to reconvert a post-relocation image of a digitally signed image 
back to a pre-relocation image, the pre-relocation image being an image of a software module 
prior to adjustment of an address corresponding to an address location allotted for the post- 
relocation image; 

a second software module to conduct a hash operation on the reconverted, pre-relocation 
image to produce a reconverted hash value; 

a third software module to recover a hash value from a digital signature contained in the 
digitally signed image, the hash value is based on the image of the software module; 

a fourth software module to compare the hash value to the reconverted hash value; 

a fifth software module to determine that an integrity of the post-relocation image 
remains intact if the hash value matches the reconverted hash value; and 

a sixth software module to determine that the post-relocation image has been modified 
beyond any modifications caused by relocation when the hash value fails to match the 
reconverted hash value. 
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Conclusion 



13. Any inquiry concerning this communication or earlier communications from examiner 
should be directed to Ronald Baum, whose telephone number is (571) 272-3861, and whose 
unofficial Fax number is (571) 273-3861. The examiner can normally be reached Monday 
through Friday from 8:00 AM to 5:30 PM. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Ayaz Sheikh, can be reached at (571) 272-3795. The Fax number for the organization 
where this application is assigned is 703-872-9306. 

Ronald Baum 
Patent Examiner 
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